Beware of the 'Your Password Is Set To Expire' Scam
Another week means another malicious email scam being distributed on the Internet. This time the scam is called simply "Your password is set to expire".
The gist of things is very simple. Scam victims receive an email from a malicious actor, claiming to be the "Email Administrator". The scam email is very brief and its full text goes as follows:
Dear User,
Your password is set to expire in two day(s).
We encourage you to take the time now to automatically maintain your password activity to avoid interruption.
Keep my password.
Note: webmail will not be held responsible for any account loss
Thank you.
Copyright webmail 2022. All Rights Reserved.
If victims fall for the very bizarre notion of passwords expiring in the year 2022 and they click the "Keep my password" link, they will be taken to a phishing page and asked to enter their email login credentials. Of course, data entered in the fake form is immediately stolen and siphoned to the threat actors behind the scam, with your email wide open to takeover.
Always be careful with random emails that end up in your inbox and be very wary of clicking any sort of link in unsolicited emails.